summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2021-02-19 12:31:19 -0500
committerNick Mathewson <nickm@torproject.org>2021-02-19 12:31:19 -0500
commitede88c374cd61e1e362422718625707a770cffff (patch)
treebc83ba025390609e65e6cce0985acc1ba22e12a3 /src
parent21317c92296f0c08176c8788f8f2bcf501e78032 (diff)
downloadtor-ede88c374cd61e1e362422718625707a770cffff.tar.gz
tor-ede88c374cd61e1e362422718625707a770cffff.zip
Disable the dump_desc() function.
It can be called with strings that should have been length-delimited, but which in fact are not. This can cause a CPU-DoS bug or, in a worse case, a crash. Since this function isn't essential, the best solution for older Tors is to just turn it off. Fixes bug 40286; bugfix on 0.2.2.1-alpha when dump_desc() was introduced.
Diffstat (limited to 'src')
-rw-r--r--src/feature/dirparse/unparseable.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/feature/dirparse/unparseable.c b/src/feature/dirparse/unparseable.c
index 941b5a1f6d..a547335452 100644
--- a/src/feature/dirparse/unparseable.c
+++ b/src/feature/dirparse/unparseable.c
@@ -492,6 +492,12 @@ dump_desc,(const char *desc, const char *type))
{
tor_assert(desc);
tor_assert(type);
+#ifndef TOR_UNIT_TESTS
+ /* On older versions of Tor we are disabling this function, since it
+ * can be called with strings that are far too long. */
+ if (1)
+ return;
+#endif
size_t len;
/* The SHA256 of the string */
uint8_t digest_sha256[DIGEST256_LEN];